diff --git a/charts/aserto-lib/Chart.yaml b/charts/aserto-lib/Chart.yaml index 824a4f5..30f0ac6 100644 --- a/charts/aserto-lib/Chart.yaml +++ b/charts/aserto-lib/Chart.yaml @@ -21,7 +21,7 @@ type: library # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.2.1 +version: 0.2.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/charts/aserto/Chart.lock b/charts/aserto/Chart.lock index e49e78c..22fc442 100644 --- a/charts/aserto/Chart.lock +++ b/charts/aserto/Chart.lock @@ -1,30 +1,24 @@ dependencies: +- name: aserto-lib + repository: file://../aserto-lib + version: 0.2.0 +- name: authorizer + repository: file://../authorizer + version: 0.2.0 - name: controller repository: file://../controller version: 0.0.1 +- name: console + repository: file://../console + version: 0.1.7 - name: directory repository: file://../directory - version: 0.2.2 -- name: authorizer - repository: file://../authorizer - version: 0.1.10 + version: 0.2.0 - name: discovery repository: file://../discovery - version: 0.1.9 -- name: console - repository: file://../console - version: 0.1.8 + version: 0.2.0 - name: scim repository: file://../scim - version: 0.1.7 -- name: registry-proxy - repository: file://../registry-proxy - version: 0.1.6 -- name: aserto-lib - repository: file://../aserto-lib - version: 0.2.1 -- name: multi-tenant-scim - repository: file://../multi-tenant-scim - version: 0.0.1 -digest: sha256:dd5cc7966bdbc8c5cb731339a97d2ef3d1764b81e8aa624ea76abdc539824093 -generated: "2025-01-24T11:04:50.423851638+02:00" + version: 0.2.0 +digest: sha256:eeb8b6b65e31152eadc15ffd86d33a57b36f4c27bdb70f9548b63b147dc6b9d2 +generated: "2025-03-28T11:34:16.57247-04:00" diff --git a/charts/aserto/Chart.yaml b/charts/aserto/Chart.yaml index ab55d97..a0328d0 100644 --- a/charts/aserto/Chart.yaml +++ b/charts/aserto/Chart.yaml @@ -21,7 +21,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.12 +version: 0.2.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -30,36 +30,36 @@ version: 0.1.12 appVersion: "0.1.0" dependencies: + - name: aserto-lib + version: 0.2.0 + repository: file://../aserto-lib + - name: authorizer + version: 0.2.0 + repository: file://../authorizer + condition: authorizer.enabled - name: controller version: 0.0.1 repository: file://../controller + - name: console + version: 0.1.7 + repository: file://../console + condition: console.enabled - name: directory - version: 0.2.2 + version: 0.2.0 repository: file://../directory - - name: authorizer - version: 0.1.10 - repository: file://../authorizer - condition: authorizer.enabled - name: discovery - version: 0.1.9 + version: 0.2.0 repository: file://../discovery condition: discovery.enabled - - name: console - version: 0.1.8 - repository: file://../console - condition: console.enabled + # - name: multi-tenant-scim + # version: 0.0.1 + # repository: file://../multi-tenant-scim + # condition: multi-tenant-scim.enabled + # - name: registry-proxy + # version: 0.1.6 + # repository: file://../registry-proxy + # condition: registry-proxy.enabled - name: scim - version: 0.1.7 + version: 0.2.0 repository: file://../scim condition: scim.enabled - - name: registry-proxy - version: 0.1.6 - repository: file://../registry-proxy - condition: registry-proxy.enabled - - name: aserto-lib - version: 0.2.1 - repository: file://../aserto-lib - - name: multi-tenant-scim - version: 0.0.1 - repository: file://../multi-tenant-scim - condition: multi-tenant-scim.enabled diff --git a/charts/authorizer/Chart.lock b/charts/authorizer/Chart.lock index 3dc1eba..34fe706 100644 --- a/charts/authorizer/Chart.lock +++ b/charts/authorizer/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: aserto-lib repository: file://../aserto-lib - version: 0.2.1 -digest: sha256:83c950a4ee60c07dbc8e045f6645365ca35eced4f1aa329f51c8e2de1de28f93 -generated: "2024-12-17T16:09:37.112996+02:00" + version: 0.2.0 +digest: sha256:e847ea16d4c0c170655af988461152ab61eed5372f1639769dd7d198346da272 +generated: "2025-03-28T11:27:37.668307-04:00" diff --git a/charts/authorizer/Chart.yaml b/charts/authorizer/Chart.yaml index 490c0a4..24d7ef6 100644 --- a/charts/authorizer/Chart.yaml +++ b/charts/authorizer/Chart.yaml @@ -21,15 +21,15 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.10 +version: 0.2.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: 0.16.0 +appVersion: 0.16.1 dependencies: - name: aserto-lib - version: 0.2.1 + version: 0.2.0 repository: file://../aserto-lib diff --git a/charts/authorizer/templates/config.yaml b/charts/authorizer/templates/config.yaml index 268f262..dd4deea 100644 --- a/charts/authorizer/templates/config.yaml +++ b/charts/authorizer/templates/config.yaml @@ -38,7 +38,14 @@ stringData: jwt: acceptable_time_skew_seconds: {{ .Values.jwtAcceptableTimeSkewSeconds | default "5" }} - auth: + authorization: + enabled: true + ignored_methods: + - /grpc.reflection.v1alpha.ServerReflection/ServerReflectionInfo + - /grpc.reflection.v1.ServerReflection/ServerReflectionInfo + - /aserto.authorizer.v2.Authorizer/Info + + authentication: authenticators_enabled: root_key: true oidc: true @@ -58,6 +65,7 @@ stringData: - methods: - /grpc.reflection.v1.ServerReflection/ServerReflectionInfo - /grpc.reflection.v1alpha.ServerReflection/ServerReflectionInfo + - /aserto.authorizer.v2.Authorizer/Info authenticators_enabled: anonymous: true diff --git a/charts/console/Chart.lock b/charts/console/Chart.lock index 47e355a..6214c25 100644 --- a/charts/console/Chart.lock +++ b/charts/console/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: aserto-lib repository: file://../aserto-lib - version: 0.2.1 -digest: sha256:83c950a4ee60c07dbc8e045f6645365ca35eced4f1aa329f51c8e2de1de28f93 -generated: "2024-12-17T16:09:37.348401+02:00" + version: 0.2.0 +digest: sha256:e847ea16d4c0c170655af988461152ab61eed5372f1639769dd7d198346da272 +generated: "2025-03-28T11:27:43.142209-04:00" diff --git a/charts/console/Chart.yaml b/charts/console/Chart.yaml index c25646c..0c8701d 100644 --- a/charts/console/Chart.yaml +++ b/charts/console/Chart.yaml @@ -21,15 +21,15 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.8 +version: 0.1.7 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: 0.2.0 +appVersion: 0.2.8 dependencies: - name: aserto-lib - version: 0.2.1 + version: 0.2.0 repository: file://../aserto-lib diff --git a/charts/console/templates/deployment.yaml b/charts/console/templates/deployment.yaml index 526c8f4..9415ebf 100644 --- a/charts/console/templates/deployment.yaml +++ b/charts/console/templates/deployment.yaml @@ -55,7 +55,7 @@ spec: - name: DS0_TENANT_ID value: {{ .tenant_id }} {{- end }} - {{- with include "aserto-lib.controllerKeyEnv" (list . "read") }} + {{- with include "aserto-lib.controllerKeyEnv" (list . "write") }} - name: DS0_ROOT_KEY {{- . | nindent 14 }} {{- end }} diff --git a/charts/console/templates/service.yaml b/charts/console/templates/service.yaml index 08c9009..076fed5 100644 --- a/charts/console/templates/service.yaml +++ b/charts/console/templates/service.yaml @@ -4,6 +4,11 @@ metadata: name: {{ include "console.fullname" . }} labels: {{- include "console.labels" . | nindent 4 }} + + {{- with .Values.service.annotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} spec: type: {{ .Values.service.type }} ports: diff --git a/charts/controller/Chart.lock b/charts/controller/Chart.lock index ee9df3f..a2d66c9 100644 --- a/charts/controller/Chart.lock +++ b/charts/controller/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: aserto-lib repository: file://../aserto-lib - version: 0.2.1 -digest: sha256:83c950a4ee60c07dbc8e045f6645365ca35eced4f1aa329f51c8e2de1de28f93 -generated: "2024-12-17T16:09:37.673499+02:00" + version: 0.2.0 +digest: sha256:e847ea16d4c0c170655af988461152ab61eed5372f1639769dd7d198346da272 +generated: "2025-03-28T11:27:47.329975-04:00" diff --git a/charts/controller/Chart.yaml b/charts/controller/Chart.yaml index 11ebc35..7f8eeee 100644 --- a/charts/controller/Chart.yaml +++ b/charts/controller/Chart.yaml @@ -27,9 +27,9 @@ version: 0.0.1 # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: 0.34.2 +appVersion: 0.34.5 dependencies: - name: aserto-lib - version: 0.2.1 + version: 0.2.0 repository: file://../aserto-lib diff --git a/charts/controller/templates/config.yaml b/charts/controller/templates/config.yaml index 3e33940..154b7e4 100644 --- a/charts/controller/templates/config.yaml +++ b/charts/controller/templates/config.yaml @@ -80,7 +80,18 @@ stringData: - /aserto.directory.reader.v3.Reader/Check - /aserto.directory.reader.v3.Reader/Checks - /aserto.directory.controller.v1.Controller/GetAPIKeyIdentity - + system: + - /aserto.directory.reader + - /aserto.directory.controller.v1.Controller/ListUserTenants + - /aserto.directory.store.v2.Store/CreateTenant + - /aserto.directory.store.v2.Store/DeleteTenant + - /aserto.directory.store.v2.Store/GetTenant + - /aserto.directory.store.v2.Store/ListTenants + - /aserto.directory.store.v2.Store/MigrateSchema + - /aserto.directory.exporter + - /aserto.directory.importer + - /aserto.directory.model + - /aserto.directory.writer {{- end }} authentication: diff --git a/charts/directory/Chart.lock b/charts/directory/Chart.lock index ee9df3f..1b01508 100644 --- a/charts/directory/Chart.lock +++ b/charts/directory/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: aserto-lib repository: file://../aserto-lib - version: 0.2.1 -digest: sha256:83c950a4ee60c07dbc8e045f6645365ca35eced4f1aa329f51c8e2de1de28f93 -generated: "2024-12-17T16:09:37.673499+02:00" + version: 0.2.0 +digest: sha256:e847ea16d4c0c170655af988461152ab61eed5372f1639769dd7d198346da272 +generated: "2025-03-28T11:27:51.069954-04:00" diff --git a/charts/directory/Chart.yaml b/charts/directory/Chart.yaml index fa99465..4f5c51a 100644 --- a/charts/directory/Chart.yaml +++ b/charts/directory/Chart.yaml @@ -21,15 +21,15 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.2.2 +version: 0.2.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: 0.34.2 +appVersion: 0.34.5 dependencies: - name: aserto-lib - version: 0.2.1 + version: 0.2.0 repository: file://../aserto-lib diff --git a/charts/discovery/Chart.lock b/charts/discovery/Chart.lock index 75256a3..a50c947 100644 --- a/charts/discovery/Chart.lock +++ b/charts/discovery/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: aserto-lib repository: file://../aserto-lib - version: 0.2.1 -digest: sha256:83c950a4ee60c07dbc8e045f6645365ca35eced4f1aa329f51c8e2de1de28f93 -generated: "2024-12-17T16:09:37.936693+02:00" + version: 0.2.0 +digest: sha256:e847ea16d4c0c170655af988461152ab61eed5372f1639769dd7d198346da272 +generated: "2025-03-28T11:27:54.42612-04:00" diff --git a/charts/discovery/Chart.yaml b/charts/discovery/Chart.yaml index 9a64dd9..f70aac8 100644 --- a/charts/discovery/Chart.yaml +++ b/charts/discovery/Chart.yaml @@ -21,7 +21,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.9 +version: 0.2.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -31,5 +31,5 @@ appVersion: 0.2.0 dependencies: - name: aserto-lib - version: 0.2.1 + version: 0.2.0 repository: file://../aserto-lib diff --git a/charts/multi-tenant-scim/Chart.lock b/charts/multi-tenant-scim/Chart.lock index 5cf6c99..671bdcc 100644 --- a/charts/multi-tenant-scim/Chart.lock +++ b/charts/multi-tenant-scim/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: aserto-lib repository: file://../aserto-lib - version: 0.2.1 -digest: sha256:83c950a4ee60c07dbc8e045f6645365ca35eced4f1aa329f51c8e2de1de28f93 -generated: "2025-01-22T16:42:47.031829421+02:00" + version: 0.2.0 +digest: sha256:e847ea16d4c0c170655af988461152ab61eed5372f1639769dd7d198346da272 +generated: "2025-03-28T11:28:02.278561-04:00" diff --git a/charts/multi-tenant-scim/Chart.yaml b/charts/multi-tenant-scim/Chart.yaml index 41f7ecb..615c0b4 100644 --- a/charts/multi-tenant-scim/Chart.yaml +++ b/charts/multi-tenant-scim/Chart.yaml @@ -31,5 +31,5 @@ appVersion: "0.0.1" dependencies: - name: aserto-lib - version: 0.2.1 + version: 0.2.0 repository: file://../aserto-lib diff --git a/charts/registry-proxy/Chart.lock b/charts/registry-proxy/Chart.lock index df14422..7fa9f18 100644 --- a/charts/registry-proxy/Chart.lock +++ b/charts/registry-proxy/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: aserto-lib repository: file://../aserto-lib - version: 0.2.1 -digest: sha256:83c950a4ee60c07dbc8e045f6645365ca35eced4f1aa329f51c8e2de1de28f93 -generated: "2024-12-17T16:14:52.214206+02:00" + version: 0.2.0 +digest: sha256:e847ea16d4c0c170655af988461152ab61eed5372f1639769dd7d198346da272 +generated: "2025-03-28T11:28:09.295919-04:00" diff --git a/charts/registry-proxy/Chart.yaml b/charts/registry-proxy/Chart.yaml index ee89345..54a6aa2 100644 --- a/charts/registry-proxy/Chart.yaml +++ b/charts/registry-proxy/Chart.yaml @@ -21,7 +21,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.6 +version: 0.1.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -31,5 +31,5 @@ appVersion: "0.0.4" dependencies: - name: aserto-lib - version: 0.2.1 + version: 0.2.0 repository: file://../aserto-lib diff --git a/charts/scim/Chart.lock b/charts/scim/Chart.lock index 0f036de..1d08388 100644 --- a/charts/scim/Chart.lock +++ b/charts/scim/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: aserto-lib repository: file://../aserto-lib - version: 0.2.1 -digest: sha256:83c950a4ee60c07dbc8e045f6645365ca35eced4f1aa329f51c8e2de1de28f93 -generated: "2024-12-17T16:14:52.436288+02:00" + version: 0.2.0 +digest: sha256:e847ea16d4c0c170655af988461152ab61eed5372f1639769dd7d198346da272 +generated: "2025-03-28T11:28:15.15139-04:00" diff --git a/charts/scim/Chart.yaml b/charts/scim/Chart.yaml index d862f8d..f2ad5b8 100644 --- a/charts/scim/Chart.yaml +++ b/charts/scim/Chart.yaml @@ -21,7 +21,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.7 +version: 0.2.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -31,5 +31,5 @@ appVersion: 0.1.0 dependencies: - name: aserto-lib - version: 0.2.1 + version: 0.2.0 repository: file://../aserto-lib diff --git a/charts/scim/templates/config.yaml b/charts/scim/templates/config.yaml index 90b907e..e7a66a2 100644 --- a/charts/scim/templates/config.yaml +++ b/charts/scim/templates/config.yaml @@ -33,11 +33,10 @@ stringData: create_role_groups: {{ .Values.createRoleGroups | default "false" }} user_object_type: {{ .Values.userObjectType | default "user" }} identity_object_type: {{ .Values.identityObjectType | default "identity" }} - identity_relation: {{ .Values.identityRelation | default "identifier" }} + identity_relation: {{ .Values.identityRelation | default "user#identifier" }} group_object_type: {{ .Values.groupObjectType | default "group" }} group_member_relation: {{ .Values.groupMemberRelation | default "member" }} group_mappings: {{- .Values.groupMappings | default list | toYaml | nindent 8 }} user_mappings: {{- .Values.userMappings | default list | toYaml | nindent 8 }} - invert_identity_relation: {{ .Values.invertIdentityRelation | default "true" }} diff --git a/charts/scim/values.yaml b/charts/scim/values.yaml index 235b384..04740ee 100644 --- a/charts/scim/values.yaml +++ b/charts/scim/values.yaml @@ -32,12 +32,11 @@ certSecret: # createRoleGroups: false # userObjectType: user # identityObjectType: identity -# identityRelation: identifier +# identityRelation: "user#identifier" # groupObjectType: group # groupMemberRelation: memeber # groupMappings: [] # userMappings: [] -# invertIdentityRelation: true # controller: # # Address and port of the controller's gRPC service. diff --git a/charts/topaz/Chart.lock b/charts/topaz/Chart.lock index 7fa2f0c..42e1b84 100644 --- a/charts/topaz/Chart.lock +++ b/charts/topaz/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: aserto-lib repository: file://../aserto-lib - version: 0.2.1 -digest: sha256:83c950a4ee60c07dbc8e045f6645365ca35eced4f1aa329f51c8e2de1de28f93 -generated: "2024-12-17T16:14:52.687946+02:00" + version: 0.2.0 +digest: sha256:e847ea16d4c0c170655af988461152ab61eed5372f1639769dd7d198346da272 +generated: "2025-03-28T11:17:23.844098-04:00" diff --git a/charts/topaz/Chart.yaml b/charts/topaz/Chart.yaml index 516fe1b..67a88c3 100644 --- a/charts/topaz/Chart.yaml +++ b/charts/topaz/Chart.yaml @@ -21,15 +21,15 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.2.3 +version: 0.2.4 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "0.32.38" +appVersion: 0.32.56 dependencies: - name: aserto-lib - version: 0.2.1 + version: 0.2.0 repository: file://../aserto-lib diff --git a/makefile b/makefile index bd47291..534b25d 100644 --- a/makefile +++ b/makefile @@ -8,9 +8,12 @@ ATTN_COLOR := \033[33;01m CHART_REPO := "oci://ghcr.io/aserto-dev/helm" CHARTS_DIR := charts -CHARTS := ${shell ls ${CHARTS_DIR}} -BUMP_PART ?= patch +# Exclude aserto-lib from ${CHARTS}. +# It is included by other charts but isn't published on its own. +CHARTS := $(patsubst aserto-lib,,${shell ls ${CHARTS_DIR}}) + +BUMP_PART ?= patch CT_VERSION := 3.11.0 GRPCURL_VERSION := 1.9.2 @@ -24,6 +27,15 @@ CT_LINT_CMD := ${EXT_BIN_DIR}/ct lint --config ct.yaml \ --lint-conf ${EXT_BIN_DIR}/etc/lintconf.yaml \ --helm-repo-extra-args "aserto-helm=-u gh -p ${GITHUB_TOKEN}" +.PHONY: info +info: + @echo -e "${ATTN_COLOR}==> $@ ${NO_COLOR}" + @echo "CHARTS: ${CHARTS}" + @echo "BIN_DIR: ${BIN_DIR}" + @echo "EXT_DIR: ${EXT_DIR}" + @echo "EXT_BIN_DIR: ${EXT_BIN_DIR}" + @echo "EXT_TMP_DIR: ${EXT_TMP_DIR}" + .PHONY: deps deps: install-ct install-bumpversion install-grpcurl;